GitHub Enterprise Server 3.3 enhances CI/CD and adds a new security manager role
This latest release sees the introduction of a new role, a new webhook for GitHub Actions, and a bright edge to dark mode.
The GitHub Enterprise Server 3.3 release candidate brings some much anticipated improvements to CI/CD and security. This latest release sees the introduction of a new role, a new webhook for GitHub Actions, and a bright edge to dark mode. CodeQL, part of GitHub Advanced Security, continues to expand support for more libraries and frameworks. CodeQL can now detect even more potential sources of untrusted user data, steps through which that data flows, and potentially dangerous sinks where the data could end up.
Remember, release candidates are a way for you to try the latest features at the earliest time, and they help us gather feedback early to ensure the release works in your environment. They should be tested on non-production environments.
Download the release candidate now or read more about the release candidate process.
Clean lines and and an edge that shines
In the last release of GitHub Enterprise Server, we introduced the much-awaited dark and dimmed themes, and we continue to work on providing options to help you treat your eyes with kindness while keeping them on the task at hand–introducing high contrast dark theme
!
For more information on changing your theme, see “Managing your theme settings.”
One, then gone…
Sometimes, we need each job to be run on a new, clean environment. Managing the cycling, registration, and de-registration of runners and automatically scaling runners is now easier with support for ephemeral (single job) runners and a new workflow_job
webhook.
Empowering Security Teams with a new role and new permissions
Security is a cross-cutting concern, and professionals responsible for keeping organizations safe need the right access applied consistently and easily across organizations and repositories. The new security manager role
addresses these needs allowing the specified teams’ members to manage security alerts and settings across your organization, as well as read permission for all repositories in the organization.
- Read access on all repositories in the organization.
- Write access on all security alerts in the organization.
- Access to the organization-level security tab.
- Write access on security settings at the organization level.
- Write access on security settings at the repository level.
For more information, see “Managing security managers in your organization.”
The security conscious will also welcome the addition of the option to set an expiration date for personal access tokens, new and existing. User renewals will be requested by email and can easily be regenerated with the same properties as the original. When using a personal access token with the GitHub API, a new GitHub-Authentication-Token-Expiration
header is included in the response, which indicates the token’s expiration date. For more information, see “Creating a personal access token” or check out the release notes for other security related changes
Try it out today
To learn more about GitHub Enterprise Server 3.3, read the release notes and download it now.
Release candidates should be installed on non-production environments. GitHub Support is here to help with any problems, and hear your feedback.
Not using GitHub Enterprise Server already? Start a free trial to innovate faster with the platform developers know and love.
Tags:
Written by
Related posts
Enhance build security and reach SLSA Level 3 with GitHub Artifact Attestations
Learn how GitHub Artifact Attestations can enhance your build security and help your organization achieve SLSA Level 3. This post breaks down the basics of SLSA, explains the importance of artifact attestations, and provides a step-by-step guide to securing your build process.
Streamlining your MLOps pipeline with GitHub Actions and Arm64 runners
Explore how Arm’s optimized performance and cost-efficient architecture, coupled with PyTorch, can enhance machine learning operations, from model training to deployment and learn how to leverage CI/CD for machine learning workflows, while reducing time, cost, and errors in the process.
GitHub Enterprise: The best migration path from AWS CodeCommit
AWS CodeCommit is discontinuing new customer access and will no longer introduce new features. Learn how to migrate to GitHub Enterprise and why it’s the best option for you.